X-Git-Url: http://git.freeside.biz/gitweb/?a=blobdiff_plain;f=rt%2Fhtml%2FElements%2FSetupSessionCookie;h=087f8250e0fcada49743a13652b58e603b3dee19;hb=4f7a1a2921aa875b27531a78a81716a07b47b0fa;hp=7a2ad9ff50e86e70e0f639295091294e77b65fb6;hpb=289340780927b5bac2c7604d7317c3063c6dd8cc;p=freeside.git diff --git a/rt/html/Elements/SetupSessionCookie b/rt/html/Elements/SetupSessionCookie index 7a2ad9ff5..087f8250e 100644 --- a/rt/html/Elements/SetupSessionCookie +++ b/rt/html/Elements/SetupSessionCookie @@ -1,8 +1,14 @@ -%# BEGIN LICENSE BLOCK +%# BEGIN BPS TAGGED BLOCK {{{ %# -%# Copyright (c) 1996-2003 Jesse Vincent +%# COPYRIGHT: +%# +%# This software is Copyright (c) 1996-2007 Best Practical Solutions, LLC +%# %# -%# (Except where explictly superceded by other copyright notices) +%# (Except where explicitly superseded by other copyright notices) +%# +%# +%# LICENSE: %# %# This work is made available to you under the terms of Version 2 of %# the GNU General Public License. A copy of that license should have @@ -14,72 +20,105 @@ %# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU %# General Public License for more details. %# -%# Unless otherwise specified, all modifications, corrections or -%# extensions to this work which alter its source code become the -%# property of Best Practical Solutions, LLC when submitted for -%# inclusion in the work. +%# You should have received a copy of the GNU General Public License +%# along with this program; if not, write to the Free Software +%# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +%# 02110-1301 or visit their web page on the internet at +%# http://www.gnu.org/copyleft/gpl.html. +%# +%# +%# CONTRIBUTION SUBMISSION POLICY: %# +%# (The following paragraph is not intended to limit the rights granted +%# to you to modify and distribute this software under the terms of +%# the GNU General Public License and is only of importance to you if +%# you choose to contribute your changes and enhancements to the +%# community by submitting them to Best Practical Solutions, LLC.) %# -%# END LICENSE BLOCK +%# By intentionally submitting any modifications, corrections or +%# derivatives to this work, or any other work intended for use with +%# Request Tracker, to Best Practical Solutions, LLC, you confirm that +%# you are the copyright holder for those contributions and you grant +%# Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable, +%# royalty-free, perpetual, license to use, copy, create derivative +%# works based on those contributions, and sublicense and distribute +%# those contributions and any derivatives thereof. +%# +%# END BPS TAGGED BLOCK }}} <%init> return if $m->is_subrequest; # avoid reentrancy, as suggested by masonbook -my %cookies = CGI::Cookie->fetch(); -my $cookiename = "RT_SID_".$RT::rtname.".".$ENV{'SERVER_PORT'}; -my %backends = ( - mysql => 'Apache::Session::MySQL', - Pg => 'Apache::Session::Postgres', -# Oracle => 'Apache::Session::Oracle', -) unless $RT::WebSessionClass; -my $session_class = $RT::WebSessionClass || $backends{$RT::DatabaseType} || 'Apache::Session::File'; -my $pm = "$session_class.pm"; $pm =~ s|::|/|g; require $pm; +my %cookies = CGI::Cookie->fetch(); +my $cookiename = "RT_SID_" . $RT::rtname . "." . $ENV{'SERVER_PORT'}; +$SessionCookie ||= $cookies{$cookiename} ? $cookies{$cookiename}->value : undef; + +my %backends = ( + mysql => 'Apache::Session::MySQL', + Pg => 'Apache::Session::Postgres', + + # Oracle => 'Apache::Session::Oracle', +); + +my $session_class = $RT::WebSessionClass + || $backends{$RT::DatabaseType} + || 'Apache::Session::File'; +my $pm = "$session_class.pm"; +$pm =~ s|::|/|g; +require $pm; + +# morning bug avoidance attempt -- pdh 20030815 +unless ( $RT::Handle->dbh && $RT::Handle->dbh->ping ) { + $RT::Handle->Connect(); +} + +my $session_properties; +if ( $session_class eq 'Apache::Session::File' ) { + $session_properties = { + Directory => $RT::MasonSessionDir, + LockDirectory => $RT::MasonSessionDir, + }; +} else { + $session_properties = { + Handle => $RT::Handle->dbh, + LockHandle => $RT::Handle->dbh, + }; +} + +eval { + tie %session, $session_class, $SessionCookie, $session_properties +}; +if ($@) { - # morning bug avoidance attempt -- pdh 20030815 - unless ($RT::Handle->dbh && $RT::Handle->dbh->ping) { - $RT::Handle->Connect(); - } + # If the session is invalid, create a new session. eval { - tie %session, $session_class, - $SessionCookie || ( $cookies{$cookiename} ? $cookies{$cookiename}->value() : undef ), - $backends{$RT::DatabaseType} ? { - Handle => $RT::Handle->dbh, - LockHandle => $RT::Handle->dbh, - } : { - Directory => $RT::MasonSessionDir, - LockDirectory => $RT::MasonSessionDir, - }; + tie %session, $session_class, undef, $session_properties; + undef $cookies{$cookiename}; }; - if ($@) { +} - # If the session is invalid, create a new session. - if ( $@ =~ /Object does not/i ) { - tie %session, $session_class, undef, - $backends{$RT::DatabaseType} ? { - Handle => $RT::Handle->dbh, - LockHandle => $RT::Handle->dbh, - } : { - Directory => $RT::MasonSessionDir, - LockDirectory => $RT::MasonSessionDir, - }; - undef $cookies{$cookiename}; - } - else { - die "RT Couldn't write to session directory '$RT::MasonSessionDir': $@. Check that this dir ectory's permissions are correct."; - } - } +if ($@) { + die loc("RT couldn't store your session.") . "\n" + . loc( + "This may mean that that the directory '[_1]' isn't writable or a database table is missing or corrupt.", + $RT::MasonSessionDir + ) + . "\n\n" + . $@; +} - if ( !$cookies{$cookiename} ) { - my $cookie = new CGI::Cookie( - -name => $cookiename, - -value => $session{_session_id}, - -path => '/', - ); - $r->header_out('Set-Cookie', $cookie->as_string); +if ( !$cookies{$cookiename} ) { + my $cookie = new CGI::Cookie( + -name => $cookiename, + -value => $session{_session_id}, + -path => $RT::WebPath, + -secure => ($RT::WebSecureCookies ? 1 :0) + ); + $r->headers_out->{'Set-Cookie'} = $cookie->as_string; - } +} - return(); +return (); <%args> -$SessionCookie => '' +$SessionCookie => undef